Safeguards to Protect the Processing of Personal Information


POPI requires responsible parties to implement generally accepted information security. ISO 27001 is an internationally standard widely recognised as the reference for generally accepted information security practices and procedures. ISO 27001 requires that organisations establish, document, implement and maintain an information management system to protect personal information.


This 2 day course provides delegates with an understanding of the technical and organisational measures for the protection of personal information using ISO 27001. Delegates also learn about the integrated process approach for information security management and how to extend their current activities in line with international standards.

The Protection of Personal Information Act requires that effective information security be implemented and continuously improved in accordance with generally accepted standards. An ISO 27001 information security management system will ensure that the information security strategy and practices are aligned with the enterprise’s business needs and strategic goals regarding privacy. An appropriate implementation of ISO 27001 will assist responsible parties demonstrate their commitment.

Seminar Objectives

Participants will gain an understanding of the POPIA requirements and how to correctly implement an information security management system using ISO 27001. On completion of this seminar participants will be able to:

Seminar Outline

Participants will learn through discussion and practical examples how to design and implement the safeguards required to protect personal information in accordance with the ISO 27000 family of standards for information security management and the Protection of Personal Information Act.

This seminar includes topics about: